PREVIOUS SEMINAR - 4th February 2022

Karl Hallgren (Imperial College London)

Title: Bayesian changepoint models motivated by cyber security applications

Changepoint detection has an important role to play in the next generation of cyber security defenses. A cyber attack typically changes the behaviour of the target network. Therefore, to detect the presence of a network intrusion, it can be informative to monitor for changes in the high-volume data sources which are collected inside an enterprise computer network. However, most traditional changepoint detection methods are not adapted to characterise what cyber security analysts mean by a change, and consequently raise too many false alerts but also overlook weak signals which are suggestive of a real attack. This talk will present two novel changepoint models that address some challenges raised by cyber data: the first model offers robustness to non-exchangeable data within segments such that normal dynamic phenomena observed in cyber data can be captured; the second model combines evidence across a graph of time series to identify patterns of changepoints which are a priori more likely to correspond to an attack.


